On 21 October 2015 at 12:29, Ilari Liusvaara <ilariliusva...@welho.com> wrote:
> Bit crazy idea: Have vector of causes handshake went wrong
> (e.g. required share missing, cookie required). Then the
> client verifies that:
> - There is at least one cause
> - All causes are known (can't retry with unknown error)
> - All causes are proper (e.g. actual missing share).

The client doesn't need this information, though the server might. That is, if it doesn't want to try several options to see which one passes the MAC, noting that there aren't that many options. Given that, I don't think we need to specify anything.

Note that absence of cookie is the only valid starting state, so you don't need a bit for that.